As the true entry point to career excellence, a CISSP starts newcomers on their path to Information Systems Security certifications and future leadership roles.
The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the cybersecurity market. CISSP validates a cybersecurity professional’s deep technical and managerial knowledge and experience to effectively design, engineer and manage an organization’s overall security posture.
Cybersecurity professionals with at least 5 years in the information security field. Member data has shown that a majority of CISSP holders are in middle management and a much smaller proportion are in senior or junior/entrylevel positions. Roles include:
CISSP is relevant across all sectors and industries, including:
Candidates must have a minimum of 5 years’ cumulative work experience in 2 or more of the 8 domains of the CISSP Common Body of Knowledge (CBK). Earning a 4-year college degree or regional equivalent or a recognized credential from the (ISC)² approved list will satisfy 1 year of the required experience. Education credit will only satisfy 1 year of experience.
A candidate who doesn’t have the required experience may become an Associate of (ISC)² by successfully passing the CISSP examination. The Associate of (ISC)² will then have 6 years to earn the 5 years of required experience.
Quick Read:
Exam Availability: English | Testing Centre: Pearson VUE
Exam Length
Item Format
Passing Score
According to Certification Salary Survey 75 list, CCSPs reported an average
annual salary of USD $138,610 in the U.S., USD $127,010 worldwide.
See alternate Associate pathway for those who do not yet meet experience requirement
Find a local Pearson VUE Test Center and register for the exam at www.pearsonvue.com/isc2
Get work experience endorsed by an (ISC)² member within 9 months from exam date
Positioned as an authority figure on cybersecurity, proving proficiency to keep up with new technologies, developments and threats. Quickly conveys knowledge and inspires trust.
The highest standard for cybersecurity expertise. It’s vendor-neutral, accredited and requires both practical knowledge and professional experience to earn.
Advanced knowledge and skills to stay ahead of cybersecurity best practices, evolving technologies and mitigation strategies.
Vendor-neutral and multivendor knowledge can be applied across different technologies and methodologies, increasing marketability and ensuring ability to protect sensitive data in a global environment.
Raises visibility and credibility, improves job security and creates new job opportunities.
Depending on country and employer. On average, (ISC)² members report having 35% higher salaries than non-members.
Strengthen the security posture with qualified professionals who have proven expertise to competently design, build and maintain a secure business environment.
Implement the latest security best practices.
Ensure professionals speak the same language across disciplines and have cross-department perspective.
Increase organizational integrity in the eyes of clients and other stakeholders.
Meet certification mandates for service providers and subcontractors.
Ensure work teams are up-to-date on emerging and evolving technologies, threats and mitigation strategies by meeting (ISC)² Continuing Professional Education (CPE) requirements.
Comply with government or industry regulations (DoD 8140.01/8570.01 approved).